﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Text;
using System.Data.SqlClient;
using System.Net;


namespace Web
{
    public partial class sysdefault : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {
               // Fun.Alert(getIp());
            }
        }


        public static string getIp()
        {
            //try
            //{
            //    string ip = System.Web.HttpContext.Current.Request.UserHostAddress;
            //    string ip2 = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
            //}
            //catch { }

            if (System.Web.HttpContext.Current.Request.ServerVariables["HTTP_VIA"] != null)
                return System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"].Split(new char[] { ',' })[0];
            else
                return System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
        }

        void UpdateUserOperate()
        {
            try
            {
                string UserID = Session["ID"].ToString();
                //获取该用户的最近一次登录信息记录
                StringBuilder strSqlOperate = new StringBuilder();
                strSqlOperate.Append("  SELECT TOP 1 ID,dt_LoginIn");
                strSqlOperate.Append("  FROM dbo.UserOperate ");
                strSqlOperate.Append("  WHERE UserID=" + UserID);
                strSqlOperate.Append("  ORDER BY dt_LoginIn DESC");
                strSqlOperate.Append("  ");

                DataTable dtOperate = SQLHelper.ExecuteDataTable(strSqlOperate.ToString());

                DateTime dt_LoginIn = Convert.ToDateTime(dtOperate.Rows[0]["dt_LoginIn"]);
                string ID = dtOperate.Rows[0]["ID"].ToString();

                DateTime dt_LoginOut = DateTime.Now;
                TimeSpan ts = dt_LoginOut.Subtract(dt_LoginIn);
                string TimeLength = "";
                TimeLength += ts.Hours.ToString() + "时" + ts.Minutes + "分" + ts.Seconds + "秒";

                StringBuilder strSql = new StringBuilder();
                strSql.Append(" update [UserOperate] set ");
                strSql.Append(" dt_LoginOut='" + dt_LoginOut + "',");
                strSql.Append(" TimeLength='" + TimeLength + "'");
                strSql.Append("  where ID=" + ID);
                SQLHelper.ExecuteNonQuery(strSql.ToString());
            }
            catch
            {

            }

        }

        protected void btnSubmit_Click(object sender, EventArgs e)
        {
            
            if (txtLoginName.Text.Trim() == "")
            {

                string StrScript;
                StrScript = ("<script language=javascript>");
                StrScript += ("alert('请输入账户名!');");
                StrScript += ("</script>");
                System.Web.HttpContext.Current.Response.Write(StrScript);
                return;
            }
            if (txtPassword.Text.Trim() == "")
            {
                string StrScript;
                StrScript = ("<script language=javascript>");
                StrScript += ("alert('请输入密码!');");
                StrScript += ("</script>");
                System.Web.HttpContext.Current.Response.Write(StrScript);
                return;
            }
            //检验账户正确性
            StringBuilder strAccount = new StringBuilder();
            strAccount.Append(" SELECT ID, WB_ID,UserGroup_ID,strLoginName,strRealName,strPassword,ISEnable from Users");
            strAccount.Append(" WHERE  UserGroup_ID=@UserGroup_ID AND LOWER(strLoginName)=@strLoginName ");
            SqlParameter[] para = new SqlParameter[]{
            new SqlParameter("@UserGroup_ID",1),
            new SqlParameter("@strLoginName",this.txtLoginName.Text.Trim().ToLower())
            };
            DataTable dtAccount = SQLHelper.ExecuteDataTable(strAccount.ToString(), para);
            if (dtAccount != null && dtAccount.Rows.Count != 0)
            {
                string strPassword = dtAccount.Rows[0]["strPassword"].ToString();
                bool ISEnable = Convert.ToBoolean(dtAccount.Rows[0]["ISEnable"]);
                if (Fun.GetMD5_32(txtPassword.Text.Trim()) == strPassword)
                {
                    if (ISEnable)
                    {
                        HttpContext.Current.Session.Clear();
                        Session["WB_ID"] = dtAccount.Rows[0]["WB_ID"].ToString();//该用户所在的网点ID
                        Session["UserGroup_ID"] = dtAccount.Rows[0]["UserGroup_ID"].ToString();//该用户所在的用户组ID
                        Session["ID"] = dtAccount.Rows[0]["ID"].ToString();//用户ID
                        Session["strLoginName"] = dtAccount.Rows[0]["strLoginName"].ToString();//用户登录名
                        Session["strRealName"] = dtAccount.Rows[0]["strRealName"].ToString();
                        //设置保存session的Cookies值
                        Request.Cookies.Clear();
                        Response.Cookies.Clear();
                        HttpCookie cookie = new HttpCookie("LoginInfo");
                        DateTime dtNow = DateTime.Now;
                        TimeSpan ts = new TimeSpan(1, 0, 0, 0);//设置cookie的保存时间为一天
                        cookie.Expires = dtNow.Add(ts);
                        cookie.Values.Add("ID", dtAccount.Rows[0]["ID"].ToString());

                        //添加营业员访问记录
                        Response.Redirect(@"~/Account_System/SystemIndex.aspx");

                    }
                    else
                    {
                        string StrScript;
                        StrScript = ("<script language=javascript>");
                        StrScript += ("alert('当前账户已被禁用，请与管理员联系!');");
                        StrScript += ("</script>");
                        System.Web.HttpContext.Current.Response.Write(StrScript);
                        return;

                    }
                }
                else
                {
                    string StrScript;
                    StrScript = ("<script language=javascript>");
                    StrScript += ("alert('您输入的密码错误!');");
                    StrScript += ("</script>");
                    System.Web.HttpContext.Current.Response.Write(StrScript);
                    return;

                }
            }
            else
            {
                string StrScript;
                StrScript = ("<script language=javascript>");
                StrScript += ("alert('不存在的账户名!');");
                StrScript += ("</script>");
                System.Web.HttpContext.Current.Response.Write(StrScript);
                return;

            }
        }

     
    }
}